Näytä suppeat kuvailutiedot

dc.contributor.authorKiperberg, Michael
dc.date.accessioned2015-12-02T11:07:49Z
dc.date.available2015-12-02T11:07:49Z
dc.date.issued2015
dc.identifier.isbn978-951-39-6437-5
dc.identifier.otheroai:jykdok.linneanet.fi:1505139
dc.identifier.urihttps://jyx.jyu.fi/handle/123456789/47956
dc.description.abstractOne of the important aspects of protecting software from attack, theft of algorithms, or illegal software use is eliminating the possibility of performing reverse engineering. One common method used to deal with these issues is code obfuscation. However, it is proven to be ineffective. Code encryption is a much more effective means of defying reverse engineering, but it requires managing a cryptographic key available to none but the permissible users. The thesis presents a system for managing cryptographic keys in a protected environment and supporting execution of encrypted code. The system has strong security guarantees. In particular, the cryptographic keys are never stored on the target machine, but rather delivered to it from a remote server, upon a successful verification of its authenticity. The keys and the decrypted instructions are protected by a thin hy- pervisor at all times. The system allows the encryption and execution of both native and Java code. During native code execution, the decrypted instructions are inaccessible to a potentially malicious code. This is achieved by either preventing execution of any other code or by protecting the memory region containing the decrypted instructions during their execution. Java programs, unlike native programs, are not executed directly by the processor, but are interpreted (and sometimes compiled) by the Java Virtual Machine (JVM). Therefore, the JVM will require the cryptographic key to decrypt the encrypted portions of Java code, and there is no feasible way of securing the key inside the JVM. The thesis proposes to implement a Java bytecode interpreter inside the secure environment, governed by a thin hypervisor. This interpreter will run in parallel to the standard JVM, both cooperating to execute encrypted Java programs.
dc.format.extent1 verkkoaineisto (113 sivua)
dc.language.isoeng
dc.publisherUniversity of Jyväskylä
dc.relation.ispartofseriesJyväskylä studies in computing
dc.relation.haspart<b>Article I:</b> Kiperberg, M.; Resh, A.; Zaidenberg, N.J. Remote Attestation of Software and Execution-Environment in Modern Machines. <i>The 2nd IEEE International Conference on Cyber Security and Cloud Computing, 2015.</i> <a href="http://dx.doi.org/ 10.1109/CSCloud.2015.52 " target="_blank">DOI: 10.1109/CSCloud.2015.52</a>
dc.relation.haspart<b>Article II:</b> Zaidenberg, N.J.; Neittaanmäki, P.; Kiperberg, M.; Resh, A.. Trusted Computing and DRM. <i>Cyber Security: Analytics, Technology and Automation, vol. 78, pp. 205-212, 2015. </i><a href="http://dx.doi.org/ 10.1007/978-3-319-18302-2_13 " target="_blank">DOI: 10.1007/978-3-319-18302-2_13</a>
dc.relation.haspart<b>Article III:</b> Kiperberg, M.; Zaidenberg, N.J. Efficient Remote Authentication. <i>The Journal of Information Warfare , vol.12, no.3, 2013.</i>
dc.relation.haspart<b>Article IV:</b> Averbuch, A.; Kiperberg, M.; Zaidenberg, N.J. Truly-Protect: An Efficient VM-Based Software Protection. <i>Systems Journal, IEEE , vol.7, no.3, pp. 455- 466, 2013. </i> <a href="http://dx.doi.org/ 10.1109/JSYST.2013.2260617 " target="_blank">DOI: 10.1109/JSYST.2013.2260617</a>
dc.relation.haspart<b>Article V:</b> Averbuch, A.; Kiperberg, M.; Zaidenberg, N.J. An efficient VM-based software protection. <i>Network and System Security (NSS), 2011 5th International Conference, pp. 121-128, 2011. </i> <a href="http://dx.doi.org/ 10.1109/ICNSS.2011.6059968 " target="_blank">DOI: 10.1109/ICNSS.2011.6059968 </a>
dc.relation.haspart<b>Article VI:</b> Kiperberg, M.; Resh, A.; Algawi, A.; Zaidenberg, N.J. System for Executing Encrypted Java Programs. IEEE Transactions on Dependable and Secure Computing, <i>Submitted.</i>
dc.relation.haspart<b>Article VII:</b> Kiperberg, M.; Leon, R.; Resh, A.; Zaidenberg, N.J. System for Executing Encrypted Native Programs. IEEE Symposium on Security and Privacy, <i>Submitted.</i>
dc.relation.isversionofJulkaistu myös painettuna.
dc.subject.othertakaisinmallinnus
dc.subject.othersalausavaimet
dc.subject.otherhypervisorit
dc.subject.othertrusted computing
dc.subject.othervirtualization
dc.subject.otherhypervisor
dc.subject.otherthin hypervisor
dc.subject.otherremote attestation
dc.subject.otherinterpretation
dc.subject.otherbuffered execution
dc.titlePreventing reverse engineering of native and managed programs
dc.typeDiss.
dc.identifier.urnURN:ISBN:978-951-39-6437-5
dc.type.dcmitypeTexten
dc.type.ontasotVäitöskirjafi
dc.type.ontasotDoctoral dissertationen
dc.contributor.tiedekuntaInformaatioteknologian tiedekuntafi
dc.contributor.yliopistoUniversity of Jyväskyläen
dc.contributor.yliopistoJyväskylän yliopistofi
dc.contributor.oppiaineTietotekniikkafi
dc.relation.issn1456-5390
dc.relation.numberinseries228
dc.rights.accesslevelopenAccessfi
dc.subject.ysotietoturva
dc.subject.ysotietokoneohjelmat
dc.subject.ysolähdekoodit
dc.subject.ysoJava
dc.subject.ysosalaus
dc.subject.ysovirtualisointi


Aineistoon kuuluvat tiedostot

Thumbnail

Aineisto kuuluu seuraaviin kokoelmiin

Näytä suppeat kuvailutiedot